Posted to scm@geronimo.apache.org by ad...@apache.org on 2005/10/27 21:04:19 UTC
svn commit: r328924 [3/3] - in /geronimo/trunk:
applications/console-ear/src/plan/ applications/demo/src/webapp/WEB-INF/
applications/magicGball/src/plan/ configs/j2ee-corba/src/plan/
modules/assembly/src/plan/ modules/client-builder/src/schema/ module...
Modified: geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java Thu Oct 27 12:03:46 2005
@@ -434,7 +434,7 @@
connector = new GBeanData(connectorName, ConnectorGBean.GBEAN_INFO);
connector.setAttribute("name", "HTTP");
- connector.setAttribute("port", new Integer(8080));
+ connector.setAttribute("port", new Integer(8181));
connector.setReferencePattern("TomcatContainer", containerName);
start(container);
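Review bot: The connector port is still a bare literal, `new Integer(8181)` here, and the same number is repeated in the connector setup of AbstractWebModuleTest and ContainerTest and inside every `http://localhost:8181/...` URL string in ApplicationTest, ContainerTest, JAASSecurityTest and JACCSecurityTest. This commit had to edit each of those lines to move off 8080, and a fixed port still fails whenever something else on the build host is bound to it. A single constant per module, for example `protected static final int TEST_PORT = 8181;` with URLs built as `"http://localhost:" + TEST_PORT + contextPath`, would make the next change a one-line edit. The enclosing method starts and ends outside this hunk.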
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java (original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java Thu Oct 27 12:03:46 2005
@@ -20,7 +20,6 @@
import java.util.Iterator;
import java.util.List;
import java.util.Map;
-
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
@@ -30,10 +29,11 @@
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Valve;
import org.apache.catalina.Wrapper;
-import org.apache.catalina.authenticator.AuthenticatorBase;
import org.apache.catalina.core.StandardContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
+import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.kernel.StoredObject;
import org.apache.geronimo.naming.java.SimpleReadOnlyContext;
import org.apache.geronimo.naming.reference.ClassLoaderAwareReference;
@@ -45,16 +45,17 @@
import org.apache.geronimo.security.util.ConfigurationUtil;
import org.apache.geronimo.tomcat.util.SecurityHolder;
import org.apache.geronimo.tomcat.valve.ComponentContextValve;
+import org.apache.geronimo.tomcat.valve.DefaultSubjectValve;
import org.apache.geronimo.tomcat.valve.InstanceContextValve;
import org.apache.geronimo.tomcat.valve.PolicyContextValve;
import org.apache.geronimo.tomcat.valve.TransactionContextValve;
-import org.apache.geronimo.tomcat.valve.DefaultSubjectValve;
import org.apache.geronimo.transaction.context.TransactionContextManager;
import org.apache.geronimo.webservices.POJOWebServiceServlet;
import org.apache.geronimo.webservices.WebServiceContainer;
import org.apache.geronimo.webservices.WebServiceContainerInvoker;
-public class GeronimoStandardContext extends StandardContext{
+
+public class GeronimoStandardContext extends StandardContext {
private static final Log log = LogFactory.getLog(GeronimoStandardContext.class);
@@ -64,7 +65,7 @@
private Map webServiceMap = null;
- public void setContextProperties(TomcatContext ctx){
+ public void setContextProperties(TomcatContext ctx) throws DeploymentException {
// Create ReadOnlyContext
javax.naming.Context enc = null;
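Review bot: `setContextProperties` now declares `throws DeploymentException`, but no visible hunk shows which step throws it, and the method has no Javadoc saying so. If the exception can be raised after `ContextManager.registerSubject(defaultSubject)` (visible in a later hunk), the default subject would stay registered, since the only `unregisterSubject` call shown is in `stop()`. That is worth confirming against the full body, which continues outside this hunk. At minimum, add a Javadoc `@throws DeploymentException` line that names the step that fails.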
@@ -88,9 +89,9 @@
//Set the InstanceContextValve
InstanceContextValve instanceContextValve =
- new InstanceContextValve(ctx.getUnshareableResources(),
- ctx.getApplicationManagedSecurityResources(),
- ctx.getTrackedConnectionAssociator());
+ new InstanceContextValve(ctx.getUnshareableResources(),
+ ctx.getApplicationManagedSecurityResources(),
+ ctx.getTrackedConnectionAssociator());
addValve(instanceContextValve);
// Set ComponentContext valve
@@ -109,7 +110,7 @@
//Set a PolicyContext Valve
SecurityHolder securityHolder = ctx.getSecurityHolder();
- if (securityHolder != null){
+ if (securityHolder != null) {
if (securityHolder.getPolicyContextID() != null) {
PolicyContext.setContextID(securityHolder.getPolicyContextID());
@@ -118,7 +119,7 @@
* Register our default subject with the ContextManager
*/
DefaultPrincipal defaultPrincipal = securityHolder.getDefaultPrincipal();
- if (defaultPrincipal != null){
+ if (defaultPrincipal != null) {
defaultSubject = ConfigurationUtil.generateDefaultSubject(defaultPrincipal);
ContextManager.registerSubject(defaultSubject);
SubjectId id = ContextManager.getSubjectId(defaultSubject);
@@ -126,14 +127,14 @@
}
PolicyContextValve policyValve = new PolicyContextValve(
- securityHolder.getPolicyContextID());
+ securityHolder.getPolicyContextID());
addValve(policyValve);
//This is definitely a hack, but I don't see a reasonable way to install the defaultSubject.
//Obviously this won't work if there are permissions. Setting the default subject if there are
//permissions breaks authentication.
boolean hasPermissions = securityHolder.getChecked().elements().hasMoreElements() ||
- securityHolder.getExcluded().elements().hasMoreElements();
+ securityHolder.getExcluded().elements().hasMoreElements();
if (!hasPermissions && defaultSubject != null) {
Valve defaultSubjectValve = new DefaultSubjectValve(defaultSubject);
addValve(defaultSubjectValve);
@@ -146,10 +147,10 @@
// Add User Defined Valves
List valveChain = ctx.getValveChain();
- if (valveChain != null){
+ if (valveChain != null) {
Iterator iterator = valveChain.iterator();
- while(iterator.hasNext()){
- Valve valve = (Valve)iterator.next();
+ while (iterator.hasNext()) {
+ Valve valve = (Valve) iterator.next();
addValve(valve);
}
}
@@ -165,18 +166,18 @@
public synchronized void stop() throws LifecycleException {
// Remove the defaultSubject
- if (defaultSubject != null){
+ if (defaultSubject != null) {
ContextManager.unregisterSubject(defaultSubject);
}
- super.stop();
+ super.stop();
}
- public void addChild(Container child){
+ public void addChild(Container child) {
Wrapper wrapper = (Wrapper) child;
String servletClassName = wrapper.getServletClass();
- if (servletClassName == null){
+ if (servletClassName == null) {
super.addChild(child);
return;
}
@@ -185,20 +186,20 @@
Class baseServletClass = null;
Class servletClass = null;
- try{
+ try {
baseServletClass = cl.loadClass(Servlet.class.getName());
servletClass = cl.loadClass(servletClassName);
//Check if the servlet is of type Servlet class
- if (!baseServletClass.isAssignableFrom(servletClass)){
+ if (!baseServletClass.isAssignableFrom(servletClass)) {
//Nope - its probably a webservice, so lets see...
- if (webServiceMap != null){
- StoredObject storedObject = (StoredObject)webServiceMap.get(wrapper.getName());
+ if (webServiceMap != null) {
+ StoredObject storedObject = (StoredObject) webServiceMap.get(wrapper.getName());
- if (storedObject != null){
+ if (storedObject != null) {
WebServiceContainer webServiceContainer = null;
- try{
- webServiceContainer = (WebServiceContainer)storedObject.getObject(cl);
- } catch(IOException io){
+ try {
+ webServiceContainer = (WebServiceContainer) storedObject.getObject(cl);
+ } catch (IOException io) {
throw new RuntimeException(io);
}
//Yep its a web service
@@ -217,7 +218,7 @@
}
}
}
- } catch (ClassNotFoundException e){
+ } catch (ClassNotFoundException e) {
throw new RuntimeException(e.getMessage(), e);
}
Modified: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -24,7 +24,7 @@
<tomcat:context-priority-classloader>false</tomcat:context-priority-classloader>
<!--
<jetty:security>
- <sec:default-principal realm-name="foo">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
Modified: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -18,13 +18,13 @@
<web-app
xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
- xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1"
configId="org/apache/geronimo/test">
<context-root>/test</context-root>
<context-priority-classloader>false</context-priority-classloader>
<sec:security>
- <sec:default-principal realm-name="geronimo-properties-realm">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="metro"/>
</sec:default-principal>
</sec:security>
Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java (original)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java Thu Oct 27 12:03:46 2005
@@ -259,7 +259,7 @@
propertiesRealmGBean.setReferencePattern("LoginModuleConfiguration", testUseName);
propertiesRealmGBean.setReferencePattern("LoginService", loginServiceName);
Principal.PrincipalEditor principalEditor = new Principal.PrincipalEditor();
- principalEditor.setAsText("metro=org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+ principalEditor.setAsText("metro,org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal,false");
propertiesRealmGBean.setAttribute("defaultPrincipal", principalEditor.getValue());
propertiesRealmName2 = new ObjectName("geronimo.server:j2eeType=SecurityRealm,name=geronimo-properties-realm-2");
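Review bot: The new `setAsText` argument is a positional triple, `"metro,org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal,false"`, and the meaning of the trailing `false` is not evident at the call site; the same string is repeated for `principalEditor2` in the next hunk. It also puts the name before the class, while the `new Principal(className, name, false)` calls added in JACCSecurityTest put the class first, so the two forms are easy to transpose. A short comment above the first call, such as `// format: name,class,designated-run-as (assumed; confirm against PrincipalEditor)`, would help. The enclosing setup method starts and ends outside this hunk.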
@@ -269,7 +269,7 @@
propertiesRealmGBean2.setReferencePattern("LoginModuleConfiguration", testUseName);
propertiesRealmGBean2.setReferencePattern("LoginService", loginServiceName);
Principal.PrincipalEditor principalEditor2 = new Principal.PrincipalEditor();
- principalEditor2.setAsText("metro=org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+ principalEditor2.setAsText("metro,org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal,false");
propertiesRealmGBean2.setAttribute("defaultPrincipal", principalEditor2.getValue());
start(loginConfigurationGBean);
@@ -376,7 +376,7 @@
container.setReferencePattern("ServerInfo", serverInfoName);
connector = new GBeanData(connectorName, ConnectorGBean.GBEAN_INFO);
- connector.setAttribute("port", new Integer(8080));
+ connector.setAttribute("port", new Integer(8181));
connector.setAttribute("host", "localhost");
connector.setAttribute("name", "HTTP");
connector.setReferencePattern("TomcatContainer", containerName);
Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java (original)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java Thu Oct 27 12:03:46 2005
@@ -30,7 +30,7 @@
public void DavidJencksPleaseVisitMetestApplication() throws Exception {
setUpInsecureAppContext();
- HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/test/hello.txt")
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181/test/hello.txt")
.openConnection();
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ContainerTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ContainerTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ContainerTest.java (original)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ContainerTest.java Thu Oct 27 12:03:46 2005
@@ -91,7 +91,7 @@
MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
kernel.invoke(containerName, "addWebService", new Object[]{contextPath, null, webServiceInvoker, null, null, null, null, cl}, new String[]{String.class.getName(), String[].class.getName(), WebServiceContainer.class.getName(), String.class.getName(), String.class.getName(), String.class.getName(), String.class.getName(), ClassLoader.class.getName()});
- HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080" + contextPath).openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181" + contextPath).openConnection();
try {
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
@@ -100,7 +100,7 @@
connection.disconnect();
}
kernel.invoke(containerName, "removeWebService", new Object[]{contextPath}, new String[]{String.class.getName()});
- connection = (HttpURLConnection) new URL("http://localhost:8080" + contextPath).openConnection();
+ connection = (HttpURLConnection) new URL("http://localhost:8181" + contextPath).openConnection();
try {
connection.getInputStream();
fail();
@@ -127,7 +127,7 @@
kernel.invoke(containerName, "addWebService", new Object[]{contextPath, null, webServiceInvoker, "Geronimo", "Geronimo", "NONE", "BASIC", cl}, new String[]{String.class.getName(), String[].class.getName(), WebServiceContainer.class.getName(), String.class.getName(), String.class.getName(), String.class.getName(), String.class.getName(), ClassLoader.class.getName()});
//Veryify its secured
- HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080" + contextPath).openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181" + contextPath).openConnection();
try {
connection.getInputStream();
fail();
@@ -138,7 +138,7 @@
}
//Authenticate
- connection = (HttpURLConnection) new URL("http://localhost:8080" + contextPath).openConnection();
+ connection = (HttpURLConnection) new URL("http://localhost:8181" + contextPath).openConnection();
String authentication = (new BASE64Encoder()).encode(("alan:starcraft").getBytes());
connection.setRequestProperty("Authorization", "Basic " + authentication);
try {
@@ -149,7 +149,7 @@
connection.disconnect();
}
kernel.invoke(containerName, "removeWebService", new Object[]{contextPath}, new String[]{String.class.getName()});
- connection = (HttpURLConnection) new URL("http://localhost:8080" + contextPath).openConnection();
+ connection = (HttpURLConnection) new URL("http://localhost:8181" + contextPath).openConnection();
try {
connection.getInputStream();
fail();
@@ -288,7 +288,7 @@
connector = new GBeanData(connectorName, ConnectorGBean.GBEAN_INFO);
connector.setAttribute("name", "HTTP");
- connector.setAttribute("port", new Integer(8080));
+ connector.setAttribute("port", new Integer(8181));
connector.setReferencePattern("TomcatContainer", containerName);
start(connector);
}
Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JAASSecurityTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JAASSecurityTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JAASSecurityTest.java (original)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JAASSecurityTest.java Thu Oct 27 12:03:46 2005
@@ -36,7 +36,7 @@
startWebApp();
//Begin the test
- HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
//Be sure we have been given the login page
@@ -46,7 +46,7 @@
String cookie = connection.getHeaderField("Set-Cookie");
cookie = cookie.substring(0, cookie.lastIndexOf(';'));
- String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=alan&j_password=starcraft";
+ String location = "http://localhost:8181/securetest/protected/j_security_check?j_username=alan&j_password=starcraft";
connection = (HttpURLConnection) new URL(location).openConnection();
connection.setRequestMethod("POST");
connection.setRequestProperty("Cookie", cookie);
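Review bot: The login request built here carries `j_username` and `j_password` in the query string of `location` even though the request method is set to POST in the same hunk. The tests therefore only exercise credentials-in-URL, the form that ends up in access and proxy logs, and never the form-encoded body that a browser login sends. The same pattern recurs in the other `j_security_check` hunks of this file and in JACCSecurityTest. Consider writing the two fields to the request body (`connection.setDoOutput(true)` plus an `application/x-www-form-urlencoded` payload) so the tested path matches real form login. The test method starts and ends outside this hunk.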
@@ -68,7 +68,7 @@
startWebApp();
//Begin the test
- HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
@@ -79,7 +79,7 @@
String cookie = connection.getHeaderField("Set-Cookie");
cookie = cookie.substring(0, cookie.lastIndexOf(';'));
- String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=alan&j_password=basspassword";
+ String location = "http://localhost:8181/securetest/protected/j_security_check?j_username=alan&j_password=basspassword";
connection = (HttpURLConnection) new URL(location).openConnection();
connection.setRequestMethod("POST");
@@ -107,7 +107,7 @@
Thread.sleep(5000);
//Begin the test
- HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
@@ -118,7 +118,7 @@
String cookie = connection.getHeaderField("Set-Cookie");
cookie = cookie.substring(0, cookie.lastIndexOf(';'));
- String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=izumi&j_password=violin";
+ String location = "http://localhost:8181/securetest/protected/j_security_check?j_username=izumi&j_password=violin";
connection = (HttpURLConnection) new URL(location).openConnection();
connection.setRequestMethod("POST");
@@ -126,7 +126,7 @@
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
- connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setRequestProperty("Cookie", cookie);
connection.setInstanceFollowRedirects(false);
reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java (original)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java Thu Oct 27 12:03:46 2005
@@ -28,23 +28,16 @@
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
-
import javax.management.ObjectName;
-import javax.security.auth.Subject;
-import javax.security.auth.x500.X500Principal;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;
-import org.apache.geronimo.common.DeploymentException;
-import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.deploy.DefaultPrincipal;
-import org.apache.geronimo.security.deploy.DistinguishedName;
import org.apache.geronimo.security.deploy.Principal;
-import org.apache.geronimo.security.deploy.Realm;
import org.apache.geronimo.security.deploy.Role;
import org.apache.geronimo.security.deploy.Security;
+import org.apache.geronimo.security.deployment.SecurityBuilder;
import org.apache.geronimo.security.jacc.ComponentPermissions;
-import org.apache.geronimo.security.util.ConfigurationUtil;
/**
@@ -67,23 +60,15 @@
securityConfig.setUseContextHandler(false);
DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
- defaultPrincipal.setRealmName("geronimo-properties-realm");
- Principal principal = new Principal();
- principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
- principal.setPrincipalName("izumi");
+ Principal principal = new Principal("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal", "izumi", false);
defaultPrincipal.setPrincipal(principal);
securityConfig.setDefaultPrincipal(defaultPrincipal);
Role role = new Role();
role.setRoleName("content-administrator");
- principal = new Principal();
- principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
- principal.setPrincipalName("it");
- Realm realm = new Realm();
- realm.setRealmName("geronimo-properties-realm");
- realm.getPrincipals().add(principal);
- role.getRealms().put(realm.getRealmName(), realm);
+ principal = new Principal("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal", "it", false);
+ role.getPrincipals().add(principal);
securityConfig.getRoleMappings().put(role.getRoleName(), role);
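Review bot: With the `Realm` wrapper removed, `role.getPrincipals().add(principal)` maps the `content-administrator` role to a principal identified only by class and name (`GeronimoGroupPrincipal`, `it`), and the default principal loses its `setRealmName` call as well. Nothing in this file visibly checks that an identically named principal issued by a different realm is kept out of the role, although AbstractWebModuleTest does configure a second realm, `geronimo-properties-realm-2`. If realm or login-domain scoping is now enforced elsewhere, a negative test would document that; if it is not, the mapping is broader than before. The same reduction to class and name appears in the petstoreadmin and supplier plan hunks, where `<realm realm-name="petstore-realm">` is dropped around the `administrator` role's principal. The test method continues outside this hunk.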
@@ -104,15 +89,13 @@
rolePermissions.put("content-administrator", permissions);
rolePermissions.put("auto-administrator", permissions);
- PermissionCollection checked = permissions;
-
ComponentPermissions componentPermissions = new ComponentPermissions(excludedPermissions, uncheckedPermissions, rolePermissions);
- startWebApp(roleDesignates, principalRoleMap, componentPermissions,
- defaultPrincipal, checked);
+ startWebApp(roleDesignates, principalRoleMap, componentPermissions,
+ defaultPrincipal, permissions);
//Begin the test
- HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
@@ -123,7 +106,7 @@
String cookie = connection.getHeaderField("Set-Cookie");
cookie = cookie.substring(0, cookie.lastIndexOf(';'));
- String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=alan&j_password=starcraft";
+ String location = "http://localhost:8181/securetest/protected/j_security_check?j_username=alan&j_password=starcraft";
connection = (HttpURLConnection) new URL(location).openConnection();
connection.setRequestMethod("POST");
@@ -131,7 +114,7 @@
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
- connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setRequestProperty("Cookie", cookie);
connection.setInstanceFollowRedirects(false);
reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
@@ -141,7 +124,7 @@
connection.disconnect();
//Now lets try it with izumi
- connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
@@ -153,7 +136,7 @@
assertEquals("<!-- Login Page -->", reader.readLine());
reader.close();
- location = "http://localhost:8080/securetest/protected/j_security_check?j_username=izumi&j_password=violin";
+ location = "http://localhost:8181/securetest/protected/j_security_check?j_username=izumi&j_password=violin";
connection = (HttpURLConnection) new URL(location).openConnection();
connection.setRequestMethod("POST");
@@ -162,7 +145,7 @@
assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
try {
- connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection();
connection.setRequestProperty("Cookie", cookie);
connection.setInstanceFollowRedirects(false);
reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
@@ -183,10 +166,11 @@
Map principalRoleMap,
ComponentPermissions componentPermissions,
DefaultPrincipal defaultPrincipal,
- PermissionCollection checked) throws Exception {
+ PermissionCollection checked) throws Exception
+ {
appName = setUpSecureAppContext(roleDesignates, principalRoleMap,
- componentPermissions, defaultPrincipal, checked);
+ componentPermissions, defaultPrincipal, checked);
}
@@ -195,9 +179,9 @@
stop(appName);
}
- public static void buildPrincipalRoleMap(Security security, Map roleDesignates, Map principalRoleMap) throws DeploymentException {
+ public static void buildPrincipalRoleMap(Security security, Map roleDesignates, Map principalRoleMap) {
Map roleToPrincipalMap = new HashMap();
- buildRolePrincipalMap(security, roleDesignates, roleToPrincipalMap);
+ SecurityBuilder.buildRolePrincipalMap(security, roleDesignates, roleToPrincipalMap);
invertMap(roleToPrincipalMap, principalRoleMap);
}
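Review bot: `buildPrincipalRoleMap` now derives the role-to-principal map by calling `SecurityBuilder.buildRolePrincipalMap`. If that is the same builder the deployer uses (not visible here), the test's expected mapping is computed by the code under test, and a regression there would go unnoticed. The removed private copy also raised `DeploymentException` when a realm principal could not be created; with the `throws` clause gone, how that failure now surfaces is undocumented. A one-line comment stating the intent would settle it, e.g. `// uses the production builder on purpose; mapping correctness is covered by SecurityBuilder's own tests`, if that is the case.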
@@ -218,60 +202,6 @@
}
}
return principalRoleMapping;
- }
-
- private static void buildRolePrincipalMap(Security security, Map roleDesignates, Map roleToPrincipalMap) throws DeploymentException {
-
- Iterator rollMappings = security.getRoleMappings().values().iterator();
- while (rollMappings.hasNext()) {
- Role role = (Role) rollMappings.next();
-
- String roleName = role.getRoleName();
- Subject roleDesignate = new Subject();
- Set principalSet = new HashSet();
-
- Iterator realms = role.getRealms().values().iterator();
- while (realms.hasNext()) {
- Realm realm = (Realm) realms.next();
-
- Iterator principals = realm.getPrincipals().iterator();
- while (principals.hasNext()) {
- Principal principal = (Principal) principals.next();
-
- //TODO check this
- String loginDomain = null;
-
- java.security.Principal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, loginDomain, realm.getRealmName());
-
- if (realmPrincipal == null) throw new DeploymentException("Unable to create realm principal");
-
- principalSet.add(realmPrincipal);
- if (principal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(realmPrincipal);
- }
- }
-
- for (Iterator names = role.getDNames().iterator(); names.hasNext();) {
- DistinguishedName dn = (DistinguishedName) names.next();
-
- X500Principal x500Principal = ConfigurationUtil.generateX500Principal(dn.getName());
-
- principalSet.add(x500Principal);
- if (dn.isDesignatedRunAs()) {
- roleDesignate.getPrincipals().add(x500Principal);
- }
- }
-
- Set roleMapping = (Set) roleToPrincipalMap.get(roleName);
- if (roleMapping == null) {
- roleMapping = new HashSet();
- roleToPrincipalMap.put(roleName, roleMapping);
- }
- roleMapping.addAll(principalSet);
-
- if (roleDesignate.getPrincipals().size() > 0) {
- roleDesignates.put(roleName, roleDesignate);
- }
- }
}
protected void setUp() throws Exception {
Modified: geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd (original)
+++ geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd Thu Oct 27 12:03:46 2005
@@ -20,7 +20,7 @@
xmlns:web="http://geronimo.apache.org/xml/ns/j2ee/web-1.0"
targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/web-1.0"
xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.0"
- xmlns:security="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:security="http://geronimo.apache.org/xml/ns/security-1.1"
xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.0"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
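Review bot: The `security` prefix now binds to `security-1.1` (and the `xs:import` in the next hunk follows suit), yet the schema keeps `targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/web-1.0"` and `version="1.0"`. Existing web plans that declare `web-1.0` together with `security-1.0` elements, including the `realm-name` attribute this commit removes from the test plans, would presumably stop validating even though the namespace they reference is unchanged. If that break is intended, a comment in the schema header should say so; otherwise the web schema namespace probably needs a bump alongside the security one.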
@@ -28,7 +28,7 @@
version="1.0">
<xs:import namespace="http://geronimo.apache.org/xml/ns/naming-1.0" schemaLocation="geronimo-naming-1.0.xsd"/>
- <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.0" schemaLocation="geronimo-security-1.0.xsd"/>
+ <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.1" schemaLocation="geronimo-security-1.1.xsd"/>
<xs:import namespace="http://geronimo.apache.org/xml/ns/deployment-1.0" schemaLocation="geronimo-config-1.0.xsd"/>
<xs:element name="web-app" type="web:web-appType"/>
Modified: geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -24,7 +24,7 @@
<tomcat:context-priority-classloader>false</tomcat:context-priority-classloader>
<!--
<tomcat:security>
- <sec:default-principal realm-name="foo">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
Modified: geronimo/trunk/sandbox/petstore/src/plan/petstoreadmin1.3.2.ear-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/sandbox/petstore/src/plan/petstoreadmin1.3.2.ear-plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/sandbox/petstore/src/plan/petstoreadmin1.3.2.ear-plan.xml (original)
+++ geronimo/trunk/sandbox/petstore/src/plan/petstoreadmin1.3.2.ear-plan.xml Thu Oct 27 12:03:46 2005
@@ -30,14 +30,12 @@
<security-realm-name>petstore-realm</security-realm-name>
<security>
- <default-principal realm-name="petstore-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="jps_admin"/>
</default-principal>
<role-mappings>
<role role-name="administrator">
- <realm realm-name="petstore-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="jps_admin"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="jps_admin"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/sandbox/petstore/src/plan/supplier1.3.2.ear-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/sandbox/petstore/src/plan/supplier1.3.2.ear-plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/sandbox/petstore/src/plan/supplier1.3.2.ear-plan.xml (original)
+++ geronimo/trunk/sandbox/petstore/src/plan/supplier1.3.2.ear-plan.xml Thu Oct 27 12:03:46 2005
@@ -300,14 +300,12 @@
</module>
<security>
- <default-principal realm-name="petstore-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="supplier"/>
</default-principal>
<role-mappings>
<role role-name="administrator">
- <realm realm-name="petstore-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="supplier"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="supplier"/>
</role>
</role-mappings>
</security>